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1 SMC: a symmetry -based model checker for verif i cation of safety and livene s s 
properties 

^ A. Prasad Sistla, Viktor Gyuris, E. Allen Emerson 

April 2000 ACM Transactions on Software Engineering and Methodology (TOSEM), 

Volume 9 Issue 2 
Publisher: ACM Press 

Full text available- ff) pdf(21 7 86 KB) Additional Information: full citation, abstract, references, citings, index 
^ ~~~~ terms, re view 

The article presents the SMC system. SMC can be used for checking safety and liveness 
properties of concurrent programs under different fairness assumptions. It is based on 
explicit state enumeration. It combats the state explosion by exploiting symmetries of the 
input concurrent program, usually present in the form of identical processes, in two 
different ways. Firstly, it reduces the number of explored states by identifying those 
states that are equivalent under the symmetries of the syst ... 



Keywords: automata, model checking 



2 Heraclitus: elevating deltas to be first-class citizens in a database programming 
<g> language 

^ Shahram Ghandeharizadeh, Richard Hull, Dean Jacobs 

September 1996 ACM Transactions on Database Systems (TODS), volume 21 issue 3 
Publisher: ACM Press 

Full text available" fiC) pdf(3.76 MB) Additional Information: full citation , abstract , references , citin gs, index 

terms , review 

Traditional database systems provide a user with the ability to query and manipulate one 
database state, namely the current database state. However, in several emerging 
applications, the ability to analyze "what-if" scenarios in order to reason about the impact 
of an update (before committing that update) is of paramount importance. Example 
applications include hypothetical database access, active database management systems, 
and version management, to name a few. The central th ... 

Keywords: active databases, deltas, execution model for rule application, hypothetical 
access, hypothetical database state 
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COCA: A secure distributed onlin e certification authority 
Lidong Zhou, Fred B. Schneider, Robbert Van Renesse 

November 2002 ACM Transactions on Computer Systems (TOCS), volume 20 issue 4 
Publisher: ACM Press 

Full text available* fFl odf(448 28 KB) Additional Information: full citation , abstract, references, citings, index 
^ terms 

COCA is a fault-tolerant and secure online certification authority that has been built and 
deployed both in a local area network and in the Internet. Extremely weak assumptions 
characterize environments in which COCA's protocols execute correctly: no assumption is 
made about execution speed and message delivery delays; channels are expected to 
exhibit only intermittent reliability; and with 3t + 1 COCA servers up to t may be faulty or 
compromised. COCA is the first system to integr ... 

Keywords: Byzantine quorum systems, Certification authority, denial of service, 
proactive secret-sharing, public key infrastructure, threshold cryptography 



Take control of TCPA 

David Safford, Jeff Kravitz, Leendert van Doom 
August 2003 Linux Journal, volume 2003 issue 112 
Publisher: Specialized Systems Consultants, Inc. 

Full text available: lg] html(21.73 KB) Additional Information: full citation , abstract 
The free code behind IBM's new security chip. Menace or protector? 

Separating key management from file system security 

David Mazieres, Michael Kaminsky, M. Frans Kaashoek, Emmett Witchel 

December 1999 ACM SIGOPS Operating Systems Review , Proceedings of the 

seventeenth ACM symposium on Operating systems principles SOSP 

'99, Volume 33 Issue 5 
Publisher: ACM Press 

Full text available: 1f| pdf(1.77MB) Additional Information: full citation, abstra ct, references, citings, index 

terms 

No secure network file system has ever grown to span the Internet. Existing systems all 
lack adequate key management for security at a global scale. Given the diversity of the 
Internet, any particular mechanism a file system employs to manage keys will fail to 
support many types of use. We propose separating key management from file system 
security, letting the world share a single global file system no matter how individuals 
manage keys. We present SFS, a secure file system that avoids internal ... 

A public-k ey b ased secure mobile IP 

John Zao, Joshua Gahm, Gregory Troxel, Matthew Condell, Pam Helinek, Nina Yuan, Isidro 
Castineyra, Stephen Kent 

October 1999 Wireless Networks, volume 5 issue 5 
Publisher: Kluwer Academic Publishers 

Full text available: ^ pdf(255.65 KB) Additional Information: full citation , references , citings, index terms 



The Satchel system architecture: mobile access to documents and services 
Mike Flynn, David Pendlebury, Chris Jones, Marge Eldridge, Mik Lamming 
December 2000 Mobile Networks and Applications, volume 5 issue 4 
Publisher: Kluwer Academic Publishers 

Full text available* Additional Information: full citation , abstract , references , citings , index 
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g pdf(207.51 KB) t e rm s 

Mobile professionals require access to documents and document&dash; related services, 
such as printing, wherever they may be. They may also wish to give documents to 
colleagues electronically, as easily as with paper, face&dash;to&dash;face, and with 
similar security characteristics. The Satchel system provides such capabilities in the form 
of a mobile browser, implemented on a device that professional people would be likely to 
carry anyway, such as a pager or mobile phone. Printing may be per ... 

The interne t worm p rog ram: an analysis 
Eugene H. Spafford 

January 1989 ACM SIGCOMM Computer Communication Review, volume 19 issue l 
Publisher: ACM Press 

Full text available: pdf(2.45 MB) Additional Information: full citation , abstract , citings , index terms 

On the evening of 2 November 1988, someone infected the Internet with a worm 
program. That program exploited flaws in utility programs in systems based on BSD- 
derived versions of UNIX. The flaws allowed the program to break into those machines 
and copy itself, thus infecting those systems. This program eventually spread to 
thousands of machines, and disrupted normal activities and Internet connectivity for 
many days.This report gives a detailed description of the components of the ... 

Termination in language - base d s ystems 
Algis Rudys, Dan S. Wallach 

May 2002 ACM Transactions on Information and System Security (TISSEC), volume 5 

Issue 2 
Publisher: ACM Press 

Full text available: If ) pdf(355.43 KB) Additional Information: full citation, abstract, references, citings, index 
^ terms 

Language run-time systems are increasingly being embedded in systems to support run- 
time extensibility via mobile code. Such systems raise a number of concerns when the 
code running in such systems is potentially buggy or untrusted. Although sophisticated 
access controls have been designed for mobile code and are shipping as part of 
commercial systems such as Java, there is no support for terminating mobile code short 
of terminating the entire language run-time. This article presents a c ... 

Keywords: Applets, Internet, Java, resource control, soft termination, termination 



10 Key management and key exchan g e: A key-management scheme for distributed Q 
sensor networks 



Laurent Eschenauer, Virgil D. Gligor 

November 2002 Proceedings of the 9th ACM conference on Computer and 
communications security CCS '02 

Publisher: ACM Press 

Full text available* f£| pdf(582 21 KB) Additional Information: full citation , abstract , references , citings , index 
™ terms 

Distributed Sensor Networks (DSNs) are ad-hoc mobile networks that include sensor 
nodes with limited computation and communication capabilities. DSNs are dynamic in the 
sense that they allow addition and deletion of sensor nodes after deployment to grow the 
network or replace failing and unreliable nodes. DSNs may be deployed in hostile areas 
where communication is monitored and nodes are subject to capture and surreptitious use 
by an adversary. Hence DSNs require cryptographic protection of com ... 

Keywords: key management, probabilistic key sharing, random graphs, sensor networks 
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11 A search e ngine for 3D models 

^ Thomas Funkhouser, Patrick Min, Michael Kazhdan, Joyce Chen, Alex Halderman, David 
^ Dobkin, David Jacobs 

January 2003 ACM Transactions on Graphics (TOG), volume 22 issue 1 

Publisher: ACM Press 

Full text available* *® pdf (7 91 MB ) Additional Information: full citation, abstract, references, citings, index 

terms 

As the number of 3D models available on the Web grows, there is an increasing need for a 
search engine to help people find them. Unfortunately, traditional text-based search 
techniques are not always effective for 3D data. In this article, we investigate new shape- 
based search methods. The key challenges are to develop query methods simple enough 
for novice users and matching algorithms robust enough to work for arbitrary polygonal 
models. We present a Web-based search engine system that support ... 

Keywords: Search engine, shape matching, shape representation, shape retrieval 



1 2 D e s ig n o f a hi gh- perf o rma n ce ATM firewa ll Q 
Jun Xu, Mukesh Singhal 

November 1998 Proceedings of the 5th ACM conference on Computer and 
communications security CCS '98 

Publisher: ACM Press 

Full text available: *gpdf(1.27 MB) Additional Information: full citation, references, index terms 




13 Paranoid peng u i n: de t ec ti n g sus p e ct t r a ff i c 
Michael Rash 

November 2001 Linux Journal volume 2001 issue 91 
Publisher: Specialized Systems Consultants, Inc. 

Full text available: W\ html(14.22 KB ) Additional Information: fu ll citation , index terms 



14 Invited papers on the frontiers of s oftwa re practice: C ybersecur ity 
Richard A. Kemmerer 

May 2003 Proceedings of the 25th International Conference on Software 
Engineering ICSE '03 

Publisher: IEEE Computer Society 

Full text available: ^ pd f (1 17 MB ) Additional Information: full citation , abstract , references , citing s, index 
Publisher Site terms 

As more business activities are being automated and an increasing number of computers 
are being used to store sensitive information, the need for secure computer systems 
becomes more apparent. This need is even more apparent as systems and applications 
are being distributed and accessed via an insecure network, such as the Internet. The 
Internet itself has become critical for governments, companies, financial institutions, and 
millions of everyday users. Networks of computers support a multitude ... 

15 Mobile code: Anomaly intrusion detection in dynamic execution environments 
Hajime Inoue, Stephanie Forrest 

September 2002 Proceedings of the 2002 workshop on New security paradigms NSPW 
'02 

Publisher: ACM Press 
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We describe an anomaly intrusion-detection system for platforms that incorporate 
dynamic compilation and profiling. We call this approach "dynamic sandboxing." By 
gathering information about applications' behavior usually unavailable to other anomaly 
intrusion-detection systems, dynamic sandboxing is able to detect anomalies at the 
application layer. We show our implementation in a Java Virtual Machine is both effective 
and efficient at stopping a backdoor and a virus, and has a low false positi ... 

Keywords: Java, anomaly detection, dynamic sandboxing 



16 Open-Source Intrusion D etec tion Tools for Linux: Armed with Linux and Open Source Q 
tools, you can e v en k e ep an ISP secure. 
Bobby S. Wen 

October 2000 Linux Journal 

Publisher: Specialized Systems Consultants, Inc. 

Full text available: |g| html(20.63 KB) Additional Information: full citation, references, index terms 



Risks to the public: Risks to the public in computers and related systems Q 
Peter G. Neumann 

May 2002 ACM SIGSOFT Software Engineering Notes, volume 27 issue 3 
Publisher: ACM Press 

Full text available: *gjpdf(1.92 MB) Additional Information; full citation 



18 Risks to the public in computers and relate d syste m s 
Peter G. Neumann 

January 1987 ACM SIGSOFT Software Engineering Notes, volume 12 issue 1 
Publisher: ACM Press 

Full text available: *^]pdf(1,91 MB) Additional Information: full citati on, abstr act 

The RISKS Forum in Software Engineering Notes does not limit itself just to software 
problems (let alone software engineering) because the risks we discuss don't either. Thus 
the topic demands a broad perspective. 

19 An end-to-end approach to host mobility 
Alex C. Snoeren, Hari Balakrishnan 

August 2000 Proceedings of the 6th annual international conference on Mobile 
computing and networking MobiCom '00 

Publisher: ACM Press 

Full text available' f|j) pdf(1 35 MB) Additional Information: full citation , abstract , references , citings, index 
[£j s terms 

We present the design and implementation of an end-to-end architecture for Internet host 
mobility using dynamic updates to the Domain Name System (DNS) to track host location. 
Existing TCP connections are retained using secure and efficient connection migration, 
enabling established connections to seamlessly negotiate a change in endpoint IP 
addresses without the need for a third party. Our architecture is secure— name updates 
are effected via the secure DNS update protocol, while TCP ... 
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Peer to peer networks: A reputation-based approach for choosing reliable resources 
in peer-to-peer networks 
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^ Ernesto Damiani, De Capitani di Vimercati, Stefano Paraboschi, Pierangela Samarati, Fabio 
Violante 

November 2002 Proceedings of the 9th ACM conference on Computer and 
communications security CCS '02 

Publisher: ACM Press 

Full text available- Wi pdf(650 19 KB) Add ' tional Information: full citation , abstract , references , citings , index 

terms 

Peer-to-peer (P2P) applications have seen an enormous success, and recently introduced 
P2P services have reached tens of millions of users. A feature that significantly contributes 
to the success of many P2P applications is user anonymity. However, anonymity opens 
the door to possible misuses and abuses, exploiting the P2P network as a way to spread 
tampered with resources, including Trojan Horses, viruses, and spam. To address this 
problem we propose a self-regulating system where the P2P netwo ... 

Keywords: peer-to-peer network, polling protocol, reputation-based systems 
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